Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Adding custom parameters to devise registration - unpermitted parameters

Tags:

ruby-on-rails

ruby-on-rails-3

devise

ruby-on-rails-5

I've been trying to customize the devise register method to register with more parameters and also update more(no luck so far), but I always get Unpermitted parameters: error. I tried using this Adding extra registration fields with Devise and https://github.com/plataformatec/devise#strong-parameters, but I cant get over that.

I've also thought about creating a new table to hold a foreign key the user id and put in there stuff like user_id, display_name, profile_picture, but I would have the same problem when trying to submit everything from the same page(mess with the devise controller).

Do you have any suggestions on how I can solve this? What else do I have to post?

routes.rb 

devise_for :users, controllers: { registrations: 'users/registrations' }

users/regC

def create
    build_resource(registration_params)

    if resource.save
      if resource.active_for_authentication?
        set_flash_message :notice, :signed_up if is_navigational_format?
        sign_up(resource_name, resource)
        respond_with resource, :location => after_sign_up_path_for(resource)
      else
        set_flash_message :notice, :"signed_up_but_#{resource.inactive_message}" if is_navigational_format?
        respond_with resource, :location => after_sign_up_path_for(resource)
      end
    else
      clean_up_passwords
      respond_with resource
    end
  end

private
  def registration_paramss
    params.require(:user).permit(:email, :display_name, :terms_of_services, :profile, :password, :password_confirmation)
  end
like image 579
Bogdan Daniel Avatar asked Mar 03 '17 06:03

Bogdan Daniel

4 Answers

For Devise 4.2.0 you can whitelist additional parameters for your users table by adding those values to keys. By default devise gives you the comment to go off of now. Below I added :avatar

  # If you have extra params to permit, append them to the sanitizer.
  def configure_sign_up_params
    devise_parameter_sanitizer.permit(:sign_up, keys: [:attribute, :avatar])
  end
like image 36
Jbur43 Avatar answered Oct 14 '22 01:10

Jbur43

Looks like you just need to tell devise which parameters should be permitted. By default, devise permits the email (or username depending on configuration), password and password_confirmation params. You just need to add more.

The devise documentation suggests a "lazy way" of setting this up.

class ApplicationController < ActionController::Base
  before_action :configure_permitted_parameters, if: :devise_controller?

  protected

  def configure_permitted_parameters
    devise_parameter_sanitizer.permit(:sign_up, keys: [:display_name])
  end
end

The documentation then says that

If you have nested attributes (say you're using accepts_nested_attributes_for), then you will need to tell devise about those nestings and types.

Only if you need to override the registrations#create action you should provide your custom route for devise. In that case, make sure you override the sign_up_params method too.

class Users::RegistrationsController < Devise::RegistrationsController
  def create
    # Your custom code here. Make sure you copy devise's functionality
  end

  private

  # Notice the name of the method
  def sign_up_params
    params.require(:user).permit(:display_name, :email, :password, :password_confirmation)
  end
end

In essence, you'd have to look into how your sign up form is posting the parameters to figure out how to configure strong parameters in the controller. Make sure you read on strong parameters syntax as well.

Hope it helps!

like image 82
gkats Avatar answered Oct 14 '22 03:10

gkats

The accepted answer says the config should go in your applicationController but it can simply go in your user registration controller and you can specify that you only want to run it for create method and nothing else: 


class Users::RegistrationsController < Devise::RegistrationsController
  before_action :configure_sign_up_params, only: [:create]

  protected

  def configure_sign_up_params
    devise_parameter_sanitizer.permit(:sign_up, keys: [:enter_param_name_here])
  end
end
like image 5
Coding Enthusiast Avatar answered Oct 14 '22 01:10

Coding Enthusiast

In my case this worked:

class ApplicationController < ActionController::Base
    before_action :configure_permitted_parameters, if: :devise_controller?

    protected

    def configure_permitted_parameters
        devise_parameter_sanitizer.permit(:account_update) { |u| u.permit(:name, :last_name, :image,:email, :password, :password_confirmation, :current_password) }
    end
end
like image 2
Nezir Avatar answered Oct 14 '22 03:10

Nezir
Sign in to Comment

Related questions

RoR nested :include to include sub-resources in to_xml/to_json
Rails Active Model Serializer - has_many and accessing the parent record
How do you change the Active Storage Service url_expires_in timeout?
UTF8 MySQL problems on Rails - encoding issues with utf8_general_ci
link_to :action => 'create' going to index rather than 'create'
How to check your gem list on heroku
ActiveAdmin Comment model not working properly
How to check string contains special character in ruby
Change the text will_paginate renders
Rails 4. How to add authenticity_token to forms rendered via partial?
Changing the first day of week in rails
heroku-like workflow on personal server
When to use single vs. double quotes in a Rails app [duplicate]
How do I group by day instead of date?
Time.use_zone is not working as expected
With Rails UJS, how to submit a remote form from a function
Rails Form Select Required
Generating unique, hard-to-guess "coupon" codes
Pushing Rails with SQLite3 to Heroku fails [duplicate]
Disable Devise confirmable mails

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!